251 matches found
CVE-2020-8134
Server-side request forgery SSRF vulnerability in Ghost CMS 3.10.0 allows an attacker to scan local or external network or otherwise interact with internal systems...
CVE-2019-6516
An issue was discovered in WSO2 Dashboard Server 2.0.0. It is possible to force the application to perform requests to the internal workstation port-scanning and to perform requests to adjacent workstations network-scanning, aka SSRF...
CVE-2025-4876
ConnectWise-Password-Encryption-Utility.exe in ConnectWise Risk Assessment allows an attacker to extract a hardcoded AES decryption key via reverse engineering. This key is embedded in plaintext within the binary and used in cryptographic operations without dynamic key management. Once obtained t...
CVE-2025-4876
ConnectWise-Password-Encryption-Utility.exe in ConnectWise Risk Assessment allows an attacker to extract a hardcoded AES decryption key via reverse engineering. This key is embedded in plaintext within the binary and used in cryptographic operations without dynamic key management. Once obtained t...
CVE-2025-4876 Hardcoded Key Revealed in ConnectWise Password Encryption Utility
ConnectWise-Password-Encryption-Utility.exe in ConnectWise Risk Assessment allows an attacker to extract a hardcoded AES decryption key via reverse engineering. This key is embedded in plaintext within the binary and used in cryptographic operations without dynamic key management. Once obtained t...
Exploit for Missing Authentication for Critical Function in Erlang Erlang\/Otp
CVE-2025-32433Erlang-OTP This script is a custom security too...
CVE-2024-10457
Multiple Server-Side Request Forgery SSRF vulnerabilities were identified in the significant-gravitas/autogpt repository, specifically in the GitHub Integration and Web Search blocks. These vulnerabilities affect version agpt-platform-beta-v0.1.1. The issues arise when block inputs are controlled...
CVE-2025-30114
An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Bypassing of Device Pairing can occur. The pairing mechanism relies solely on the connecting device's MAC address. By obtaining the MAC address through network scanning and spoofing it, an attacker can bypass the...
CVE-2024-10457
Multiple Server-Side Request Forgery SSRF vulnerabilities were identified in the significant-gravitas/autogpt repository, specifically in the GitHub Integration and Web Search blocks. These vulnerabilities affect version agpt-platform-beta-v0.1.1. The issues arise when block inputs are controlled...
CVE-2024-10457
Multiple Server-Side Request Forgery SSRF vulnerabilities were identified in the significant-gravitas/autogpt repository, specifically in the GitHub Integration and Web Search blocks. These vulnerabilities affect version agpt-platform-beta-v0.1.1. The issues arise when block inputs are controlled...
CVE-2024-10457 SSRF Vulnerabilities in significant-gravitas/autogpt
Multiple Server-Side Request Forgery SSRF vulnerabilities were identified in the significant-gravitas/autogpt repository, specifically in the GitHub Integration and Web Search blocks. These vulnerabilities affect version agpt-platform-beta-v0.1.1. The issues arise when block inputs are controlled...
CVE-2024-10457 SSRF Vulnerabilities in significant-gravitas/autogpt
Multiple Server-Side Request Forgery SSRF vulnerabilities were identified in the significant-gravitas/autogpt repository, specifically in the GitHub Integration and Web Search blocks. These vulnerabilities affect version agpt-platform-beta-v0.1.1. The issues arise when block inputs are controlled...
CVE-2024-10457
CVE-2024-10457 describes multiple SSRF vulnerabilities in the significant-gravitas/autogpt project (agpt-platform-beta-v0.1.1). The issues arise when inputs to a set of GitHub integration and web-search blocks are controlled by untrusted sources, enabling requests to internal or attacker-controll...
AutoGPT 代码问题漏洞
AutoGPT is a tool from AutoGPT Open Source. Used to enable everyone to use and build accessible AI. AutoGPT agpt-platform-beta-v0.1.1 version has a code issue vulnerability that stems from multiple SSRF vulnerabilities that could lead to credential disclosure and internal network scanning...
CVE-2025-27669
Vasion Print formerly PrinterLogic before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Remote Network Scanning XSPA/DoS OVE-20230524-0013...
CVE-2025-27669
Vasion Print formerly PrinterLogic before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Remote Network Scanning XSPA/DoS OVE-20230524-0013...
CVE-2025-27669
Vasion Print formerly PrinterLogic before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Remote Network Scanning XSPA/DoS OVE-20230524-0013...
CVE-2025-27669
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843, Application 20.0.1923, is affected by CVE-2025-27669 which allows Remote Network Scanning (XSPA) and leads to a Denial of Service. The public description and Red Hat/CNNVD entries confirm affected versions and the nature...
CVE-2025-27669
Vasion Print formerly PrinterLogic before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Remote Network Scanning XSPA/DoS OVE-20230524-0013...
CERT-UA Warns of UAC-0173 Attacks Deploying DCRat to Compromise Ukrainian Notaries
The Computer Emergency Response Team of Ukraine CERT-UA on Tuesday warned of renewed activity from an organized criminal group it tracks as UAC-0173 that involves infecting computers with a remote access trojan named DCRat aka DarkCrystal RAT. The Ukrainian cybersecurity authority said it observe...